GHSA-pjwm-cr36-mwv3: ReDoS in giskard's transformation.py (GHSL-2024-324)

GHSA-j3vq-pmp5-r5xj: Missing ratelimit on passwrod resets in zenml

Hardcoded JWT Secret in AgileConfig <1.6.8 Server allows remote attackers to use the generated JWT token to gain administrator access.

**Use of Hard-coded Credentials in AgileConfig.Client**

Critical severity GitHub Reviewed Published Aug 19, 2022 • Updated Aug 30, 2022